Microsoft to Warn Users of Suspected Government Spying Attempts
Microsoft has announced plans to notify its users when it suspects that their accounts may have been infiltrated by government hackers.
Microsoft to Inform Users of State-Supported Attacks:
Following Google, Facebook, Yahoo, and others, Microsoft too has now joined the forces aiming to keep users' security and privacy before government demands. The tech giant promises to inform users in cases when it believes their accounts may have been targeted by a government agency. Users of its email service, Outlook and cloud storage service, OneDrive, will be notified of these attacks. While Microsoft already informs its users when an unauthorized person tries to access their Outlook or OneDrive accounts, it will now also warn them when it tracks any government sponsored attacks.
According to reports, this decision could have been made in the wake of an incident some years back when Chinese government had hacked into more than a thousand Hotmail accounts of Tibetan and Uighur minorities. At that time, Microsoft had decided not to inform the targets of these attacks and simply recommended them to change their passwords. Some of the Microsoft employees hadn't approved of this decision as it helped hackers to continue with their campaign.
Scott Charney, Corporate Vice President of Trustworthy Computing at Microsoft blogged on Wednesday,
We already notify users if we believe their accounts have been targeted or compromised by a third party, and we provide guidance on measures users can take to keep their accounts secure. We’re taking this additional step of specifically letting you know if we have evidence that the attacker may be “state-sponsored” because it is likely that the attack could be more sophisticated or more sustained than attacks from cyber criminals and others. These notifications do not mean that Microsoft’s own systems have in any way been compromised.
Charney confirms that these notifications do not mean that Microsoft's systems have been compromised or even that the user's account has been necessarily infiltrated. It only means that the company has evidence that the accounts are being targeted and users are informed so that they could take additional steps to ensure it doesn't happen to their accounts.
These additional steps include turning on two-step verification, keeping a strong password and keeping your computer and browser secure from any virus or malware attacks.
Yahoo and Twitter have only recently started to alert users of suspected government surveillance or state-sponsored hacking attempts. While Twitter hasn't promised to continually doing that, Microsoft has assured that it will notify its users of any potential government spying. With governments around the world, taking their spying and surveillance game to the next level, it is reassuring that tech companies are starting to respect their userbase, possibly securing millions of political dissidents, whistleblowers and religious minorities from targeted government attacks.